CVE-2024-57872

Summary

In the Linux kernel, the following vulnerability has been resolved:

scsi: ufs: pltfrm: Dellocate HBA during ufshcd_pltfrm_remove()

This will ensure that the scsi host is cleaned up properly using scsi_host_dev_release(). Otherwise, it may lead to memory leaks.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux03b1781aa978aab345b5a85d8596f8615281ba89 < cd188519d2467ab4c2141587b0551ba030abff0eaffected
LinuxLinux03b1781aa978aab345b5a85d8596f8615281ba89 < 897df60c16d54ad515a3d0887edab5c63da06d1faffected
LinuxLinux3.10affected
LinuxLinux0 < 3.10unaffected
LinuxLinux6.12.5 <= 6.12.*unaffected
LinuxLinux6.13 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References